Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/W8rkRFU27X3O_ggvH0_DC87BO6o.roa
File: W8rkRFU27X3O_ggvH0_DC87BO6o.roa (raw, json)
Hash identifier: DtVq8KYrTJ5jTCw4DTDrmANA/nEawXs2FP6I3zpA8fk=
Subject key identifier: 5B:CA:E4:44:55:36:ED:7D:CE:FE:08:2F:1F:4F:C3:0B:CE:C1:3B:AA
Certificate issuer: /CN=c23642d1ab39d309ec5f33e4e8814adc3584825f
Certificate serial: 018CC79562ACB460D9AAEFFCFF0A704F77B2
Authority key identifier: C2:36:42:D1:AB:39:D3:09:EC:5F:33:E4:E8:81:4A:DC:35:84:82:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjZC0as50wnsXzPk6IFK3DWEgl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/W8rkRFU27X3O_ggvH0_DC87BO6o.roa
Signing time: Tue 02 Jan 2024 00:31:45 +0000
ROA not before: Tue 02 Jan 2024 00:31:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39368
IP address blocks: 185.211.58.0/24 maxlen: 24
185.211.57.0/24 maxlen: 24
185.211.56.0/24 maxlen: 24
185.211.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/wjZC0as50wnsXzPk6IFK3DWEgl8.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/wjZC0as50wnsXzPk6IFK3DWEgl8.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjZC0as50wnsXzPk6IFK3DWEgl8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:62:ac:b4:60:d9:aa:ef:fc:ff:0a:70:4f:77:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c23642d1ab39d309ec5f33e4e8814adc3584825f
Validity
Not Before: Jan 2 00:31:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5bcae4445536ed7dcefe082f1f4fc30bcec13baa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f2:78:64:68:3e:c3:21:06:92:9f:67:13:c1:
ec:0b:65:e3:0d:1d:c1:fc:1c:6f:7d:d7:4e:b4:89:
64:10:65:2a:c8:f4:82:8c:75:3a:4a:49:fb:69:1e:
d5:2c:f1:e1:fa:3a:cf:c6:3a:90:d2:37:cc:1c:63:
d1:f9:74:6f:e1:93:17:a0:0b:ff:ba:56:8e:41:6a:
49:54:b7:a3:2d:eb:38:0e:0b:e0:be:fb:22:f7:dd:
07:1a:37:30:3c:d6:e5:4e:ac:6f:2e:a6:f0:79:8f:
1b:1f:0d:00:33:3b:b7:d8:30:85:fd:7a:f8:91:f6:
fe:80:11:bb:16:73:b7:3c:38:62:7e:a7:d9:b1:c8:
b9:d2:fb:fa:59:cf:e3:a6:02:65:c2:bd:b5:84:80:
9f:3e:25:a5:db:a2:be:bb:0e:63:0b:b4:71:99:a5:
30:23:46:1f:ec:54:39:ff:0e:56:cd:5d:19:29:57:
94:53:63:da:ae:f4:29:94:84:73:91:4f:7d:ed:65:
be:bb:ac:cc:22:cf:a9:6b:2d:36:80:45:ad:a5:ba:
7f:09:33:21:86:c2:f8:53:16:ec:a1:1c:12:5a:47:
67:5b:f7:1c:f0:22:49:62:8f:b5:44:1c:5b:97:89:
ae:43:13:26:13:f5:be:89:2b:df:1f:6e:a7:fc:72:
b5:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:CA:E4:44:55:36:ED:7D:CE:FE:08:2F:1F:4F:C3:0B:CE:C1:3B:AA
X509v3 Authority Key Identifier:
keyid:C2:36:42:D1:AB:39:D3:09:EC:5F:33:E4:E8:81:4A:DC:35:84:82:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjZC0as50wnsXzPk6IFK3DWEgl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/W8rkRFU27X3O_ggvH0_DC87BO6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/wjZC0as50wnsXzPk6IFK3DWEgl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.56.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:3a:46:a5:31:6b:c3:c8:77:12:a8:b3:60:e3:ab:99:6f:a8:
7b:6e:d6:f5:80:27:89:41:9e:24:c2:5a:2f:61:70:d7:4b:b3:
f5:0e:ec:08:c4:de:0a:3b:74:69:c3:af:f7:57:75:f9:aa:74:
d3:d4:08:be:99:60:16:3b:eb:5e:01:ca:8b:8d:c3:8a:ea:3a:
bb:1e:8e:00:36:e4:52:1e:fd:01:5c:93:ae:4d:41:05:db:3b:
0c:7e:4f:6c:90:f5:06:b4:b5:56:a2:da:62:17:5a:1e:60:b2:
a7:fd:2d:12:03:84:f6:33:82:28:a8:37:ec:41:14:3c:5d:ae:
71:fa:e2:a9:7c:e0:ac:b3:70:d4:5b:94:51:28:bc:61:06:89:
a6:9d:7c:33:da:46:dd:69:62:69:7c:fa:33:b2:de:d6:65:98:
a5:d5:6c:5e:e6:a7:e6:8f:a8:5b:8c:5e:4f:42:3a:2c:fe:b1:
78:3a:d4:5c:8a:15:8a:73:ca:ce:51:2c:1f:02:07:37:1e:c4:
aa:7f:d3:5b:04:6e:a9:bc:de:51:5e:db:89:21:42:01:f3:39:
30:65:f5:fb:0e:96:b4:d8:20:ad:f6:da:d2:0c:ca:95:25:26:
fa:1f:72:e6:31:07:52:77:04:57:38:15:e4:23:38:c3:f4:6f:
59:a5:76:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlWKstGDZqu/8/wpwT3eyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMzY0MmQxYWIzOWQzMDllYzVmMzNlNGU4ODE0YWRjMzU4
NDgyNWYwHhcNMjQwMTAyMDAzMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmNhZTQ0NDU1MzZlZDdkY2VmZTA4MmYxZjRmYzMwYmNlYzEzYmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPJ4ZGg+wyEGkp9nE8HsC2XjDR3B
/BxvfddOtIlkEGUqyPSCjHU6Skn7aR7VLPHh+jrPxjqQ0jfMHGPR+XRv4ZMXoAv/
ulaOQWpJVLejLes4Dgvgvvsi990HGjcwPNblTqxvLqbweY8bHw0AMzu32DCF/Xr4
kfb+gBG7FnO3PDhifqfZsci50vv6Wc/jpgJlwr21hICfPiWl26K+uw5jC7RxmaUw
I0Yf7FQ5/w5WzV0ZKVeUU2ParvQplIRzkU997WW+u6zMIs+pay02gEWtpbp/CTMh
hsL4UxbsoRwSWkdnW/cc8CJJYo+1RBxbl4muQxMmE/W+iSvfH26n/HK1hwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFvK5ERVNu19zv4ILx9PwwvOwTuqMB8GA1UdIwQY
MBaAFMI2QtGrOdMJ7F8z5OiBStw1hIJfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2paQzBhczUwd25zWHpQazZJRkszRFdFZ2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9lNDE2OTgtZTdhYy00MThjLWI5MWQt
MjI2Nzk2OGI2NTJmLzEvVzhya1JGVTI3WDNPX2dndkgwX0RDODdCTzZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9lNDE2OTgtZTdhYy00MThjLWI5MWQtMjI2Nzk2OGI2NTJm
LzEvd2paQzBhczUwd25zWHpQazZJRkszRFdFZ2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudM4MA0G
CSqGSIb3DQEBCwUAA4IBAQAvOkalMWvDyHcSqLNg46uZb6h7btb1gCeJQZ4kwlov
YXDXS7P1DuwIxN4KO3Rpw6/3V3X5qnTT1Ai+mWAWO+teAcqLjcOK6jq7Ho4ANuRS
Hv0BXJOuTUEF2zsMfk9skPUGtLVWotpiF1oeYLKn/S0SA4T2M4IoqDfsQRQ8Xa5x
+uKpfOCss3DUW5RRKLxhBommnXwz2kbdaWJpfPozst7WZZil1Wxe5qfmj6hbjF5P
Qjos/rF4OtRcihWKc8rOUSwfAgc3HsSqf9NbBG6pvN5RXtuJIUIB8zkwZfX7Dpa0
2CCt9trSDMqVJSb6H3LmMQdSdwRXOBXkIzjD9G9ZpXYN
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:06:38 2024 by rpki-client on console-ams.rpki-client.org